112 matches found
SUSE: Security Advisory (SUSE-SU-2022:3153-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for vips (FEDORA-2021-b58af96f33)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: vips-8.8.4-5.fc32
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
Mozilla: Out of bounds write in GMPDecodeData when processing large images
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...
Mozilla: Out of bounds write in GMPDecodeData when processing large images
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...
Mozilla: Out of bounds write in GMPDecodeData when processing large images
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...
Mozilla: Out of bounds write in GMPDecodeData when processing large images
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...
Denial Of Service (DoS)
Mozilla is vulnerable to denial of service DoS. The vulnerability exists through out of bounds write in GMPDecodeData when processing large images...
Mozilla: Out of bounds write in GMPDecodeData when processing large images
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...
Nextcloud: Uploading large avatar images cause excessive CPU usage
How to reproduce: - Create an account on any server running Nextcloud 13 or 14. - Open the personal settings. - Upload a large image as avatar tested with a 4032x3024 PNG image of about 14.5 MB. - Keep the selected area in the popup and save the avatar. - Notice that the avatar area shows the...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
[SECURITY] Fedora 26 Update: vips-8.5.8-2.fc26
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
GraphicsMagick 'ReadMNGImage' function invalid memory read vulnerability
GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the 'ReadMNGImage' function in the coders/png.c file in GraphicsMagick version 1.3.26, which stems from the program not...
UBUNTU-CVE-2017-12935
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c...
USN-2898-2 eog vulnerability
It was discovered that Eye of GNOME incorrectly handled certain large images. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-2898-1: GTK+ vulnerability
It was discovered that GTK+ incorrectly handled certain large images. A remote attacker could use this issue to cause GTK+ applications to crash, resulting in a denial of service, or possibly execute arbitrary code...
[SECURITY] Fedora 16 Update: vips-7.24.7-2.fc16
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
[SECURITY] Fedora 14 Update: vips-7.24.7-2.fc14
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
[SECURITY] Fedora 15 Update: vips-7.24.7-2.fc15
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
[SECURITY] Fedora 15 Update: nip2-7.24.2-1.fc15
nip2 is a graphical front end to the VIPS package. With nip2, rather than directly editing images, you build relationships between objects in a spreadsheet-like fashion. When you make a change somewhere, nip2 recalculates the objects affected by that change. Since it is demand-driven this update ...